<%@ page language="java" contentType="text/html; charset=UTF-8"
         pageEncoding="UTF-8"%>
<%@ page import="java.sql.*"%>
<%@ page import="java.security.*"%>
<%@ page import="elibrary.*" %>
<%@ page language="java" import="java.util.*"%>
<%@ include file="config.jsp" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Insert title here</title>
    </head>
    <body>

        <%

        //user id is fetched from the session and if he is not a valid user then he is sent to the index page

        String uid=(String)session.getAttribute("uid");
        if(uid==null||uid.equals(""))
        {
                response.sendRedirect("index.jsp");
        }
        DesEncrypter encrypter = new DesEncrypter();
        int uid1 = Integer.parseInt(encrypter.decrypt(uid));
        Connection con=DaoConnection.getcon(connectURL, DBuser, DBpass);
        Statement st=con.createStatement();
        ResultSet rs=st.executeQuery("SELECT * from USERS WHERE UID="+uid1);
        rs.next();

        String bookid=request.getParameter("bookid");
        String bookname=request.getParameter("bookname");
        int noofcopy=Integer.parseInt(request.getParameter("noofcopy"));
        String author=request.getParameter("author");
        String publisher=request.getParameter("publisher");
        String description=request.getParameter("description");
        String stack=request.getParameter("stack");
        String subject=request.getParameter("subject");
        String category=request.getParameter("category");
        String tags=request.getParameter("tags");

        Statement stmt = null;
        ResultSet results = null;
        try{
	
                stmt=con.createStatement();
	
                //the new book is inserted in the database
	
	
                String str="INSERT INTO BOOK (BOOKID, BOOKNAME, NOOFCOPY, AUTHOR, PUBLISHER, DESCRIPTION, STACK, SUBJECT, CATEGORY, TAGS) VALUES ('"+bookid+"','"+bookname+"',"+noofcopy+",'"+author+"','"+publisher+"','"+description+"','"+stack+"','"+subject+"','"+category+"','"+tags+"')";
            stmt.executeUpdate(str);
                int i = 1;
                while (i <= noofcopy){
                        str = "INSERT INTO COPY (BOOKID, COPYID, ISSUED) VALUES ('"+bookid+"',"+i+",0)";
                        i++;
                        stmt.executeUpdate(str);
                }
	
                //The message is entered in the session
	
            session.setAttribute("message", "Book entered succesfully.");
                response.sendRedirect("newBook.jsp");
        }catch(Exception e){
             out.println(e.toString());
             out.println("ERROR!!");
             e.printStackTrace();
         }
        %>

    </body>
</html>